|
- UID
- 1029342
- 性别
- 男
|
基于HTTP在互联网传输敏感数据的消息摘要、签名与加密方案(3)
- /**
- * Post an xml string to a specific host.
- *
- * @param targetHost
- * @param targetPort
- * @param protocol
- * @param proxyHost
- * @param proxyPort
- * @param proxyUser
- * @param proxyPassword
- * @param uri
- * @param paraMap
- * @param xml
- * @param charset
- * @return
- * @throws ClientProtocolException
- * @throws IOException
- */
- public String postXmlString(String targetHost, int targetPort,
- String protocol, String proxyHost, int proxyPort, String proxyUser,
- String proxyPassword, String uri, Map<String, String> paraMap,
- String xml, String charset) throws ClientProtocolException,
- IOException {
- String result = null;
- DefaultHttpClient httpclient = new DefaultHttpClient();
- if (StringUtils.isNotBlank(proxyHost) && proxyPort > 0) {
- // 设置上网代理
- AuthScope authScope = new AuthScope(proxyHost, proxyPort);
- if (StringUtils.isNotBlank(proxyUser)
- && StringUtils.isNotBlank(proxyPassword)) {
- // 设置上网代理的用户名和密码
- UsernamePasswordCredentials upc = new UsernamePasswordCredentials(
- proxyUser, proxyPassword);
- httpclient.getCredentialsProvider().setCredentials(authScope,
- upc);
- }
- HttpHost proxy = new HttpHost(proxyHost, proxyPort);
- httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY,
- proxy);
- }
- HttpHost host = new HttpHost(targetHost, targetPort, protocol);
- uri = buildUri(uri, paraMap);
- log.info("post uri: " + uri);
- log.info("post content: " + xml);
- HttpPost post = new HttpPost(uri);
- StringEntity se = new StringEntity(xml,
- StringUtils.isNotBlank(charset) ? charset : "utf-8");
- se.setContentEncoding(new BasicHeader(HTTP.CONTENT_TYPE,
- "application/xml"));
- post.setEntity(se);
- HttpResponse response = httpclient.execute(host, post);
- if (HttpStatus.SC_OK == response.getStatusLine().getStatusCode()) {
- HttpEntity entity = response.getEntity();
- if (entity != null) {
- result = EntityUtils.toString(entity);
- log.info("post result: " + result);
- }
- } else {
- log.error("post failed, status code: "
- + response.getStatusLine().getStatusCode());
- }
- return result;
- }
- public
static
void main(String[] args) throws Exception { - AESTool aes = new AESTool();
- SignatureUtil signatureUtil = new SignatureUtil();
- String appid = "canairport001";
- String token = signatureUtil.findTokenById(appid);
- String key = aes.findKeyById(appid);
- long millis = System.currentTimeMillis();
- String xml = "<dependency><groupId>commons-lang</groupId><artifactId>commons-lang</artifactId><version>2.5</version></dependency>";
- xml = aes.encrypt(xml, key);
- String lol = signatureUtil.digest(xml, "MD5");
- String signature = signatureUtil.generateSignature(appid, token, lol,
- millis);
- log.info("lol: \n" + lol);
- log.info("signature: \n" + signature);
- String uri = "http://127.0.0.1:8080/demo/psginfo.do";
- Map<String, String> paraMap = new HashMap<String, String>();
- paraMap.put("s", signature);
- paraMap.put("a", appid);
- paraMap.put("t", String.valueOf(millis));
- paraMap.put("l", lol);
- paraMap.put("o", "test");
- HttpclientUtil util = new HttpclientUtil();
- try {
- String result = util.postXmlString("127.0.0.1", 8080, "http", null,
- 0, null, null, uri, paraMap, xml, "utf-8");
- result = aes.decrypt(result, key);
- System.out.println(result);
- } catch (ClientProtocolException e) {
- e.printStackTrace();
- } catch (IOException e) {
- e.printStackTrace();
- }
- }
- }
4.服务端代码:
Java代码 [url=] [/url]
- import java.io.BufferedReader;
- import java.io.IOException;
- import java.io.InputStream;
- import java.io.InputStreamReader;
- import java.io.PrintWriter;
- import java.io.UnsupportedEncodingException;
- import javax.servlet.ServletException;
- import javax.servlet.annotation.WebServlet;
- import javax.servlet.http.HttpServlet;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import org.apache.commons.lang.StringUtils;
- import org.apache.log4j.Logger;
- import co.speedar.wechat.util.AESTool;
- import co.speedar.wechat.util.SignatureUtil;
- /**
- * Servlet implementation class PsginfoServlet
- */
- @WebServlet(urlPatterns = { "/psginfo.do" }, loadOnStartup = 1)
- public
class PsginfoServlet extends HttpServlet { - protected
static
final Logger log = Logger.getLogger(PsginfoServlet.class); - private
static
final
long serialVersionUID = 6536688299231165548L;
- private SignatureUtil signatureUtil = new SignatureUtil();
- private AESTool aes = new AESTool();
- /**
- * @see HttpServlet#HttpServlet()
- */
- public PsginfoServlet() {
- super();
- }
- /**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected
void doGet(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException {
- String echostr = request.getParameter("e");
- log.info("echostr before echo: " + echostr);
- String signature = request.getParameter("s");
- String appid = request.getParameter("a");
- String timestamp = request.getParameter("t");
- String lol = request.getParameter("l");
- long millis = Long.valueOf(timestamp);
- // Need to check signature in product mode.
- if (signatureUtil.isValid(signature, appid, lol, millis)) {
- PrintWriter writer = response.getWriter();
- log.info("echostr after echo: " + echostr);
- writer.print(echostr);
- writer.flush();
- writer.close();
- }
- }
- /**
- * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected
void doPost(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException {
- // Get request parameters.
- String signature = request.getParameter("s");
- String appid = request.getParameter("a");
- String timestamp = request.getParameter("t");
- String lol = request.getParameter("l");
- String operation = request.getParameter("o");
- long millis = Long.valueOf(timestamp);
- // Get xml data.
- String encoding = StringUtils
- .isNotBlank(request.getCharacterEncoding()) ? request
- .getCharacterEncoding() : "utf-8";
- String requestXmlString = getXmlStringFromHttpRequest(request);
- String digest = signatureUtil.digest(requestXmlString, "MD5");
- // Check signature and digest.
- if (StringUtils.equals(digest, lol)) {
- if (signatureUtil.isValid(signature, appid, lol, millis)) {
- try {
- String key = aes.findKeyById(appid);
- requestXmlString = aes.decrypt(requestXmlString, key);
- log.info("received xml data:\n" + requestXmlString);
- // 校验xml合法性并执行相应动作
- String responseXmlString = doSomeThing(requestXmlString,
- operation);
- responseXmlString = aes.encrypt(responseXmlString, key);
- log.info("responsed xml data:\n" + responseXmlString);
- response.setCharacterEncoding(encoding);
- PrintWriter writer = response.getWriter();
- writer.print(responseXmlString);
- writer.flush();
- writer.close();
- } catch (Exception e) {
- log.error(e, e);
- }
- } else {
- log.error("invalid signature");
- }
- } else {
- log.error("invalid digest.");
- }
- }
|
|
